Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
855
VMScore
CVE-2013-1668
The uploadFile function in upload/index.php in CosCMS prior to 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file.
Coscms Coscms
Coscms Coscms 1.41
Coscms Coscms 1.3
1 EDB exploit
505
VMScore
CVE-2019-14430
plugin/Audit/Objects/AuditTable.php in YouPHPTube up to and including 7.2 allows SQL Injection.
Youphptube Youphptube
1 EDB exploit
383
VMScore
CVE-2013-4670
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
534
VMScore
CVE-2013-4671
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
641
VMScore
CVE-2013-4672
The management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
755
VMScore
CVE-2013-6839
SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the orderby parameter to catalog/[id].
Instantsoft Instantcms
1 EDB exploit
755
VMScore
CVE-2014-9215
SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 prior to 20141128 allows remote malicious users to execute arbitrary SQL commands via the email parameter in the register page to index.php. NOTE: the email parameter in the fo...
Pbboard Pbboard
1 EDB exploit
755
VMScore
CVE-2015-3933
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS prior to 0.0.3-patch allow remote malicious users to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php.
Metalgenix Genixcms
1 EDB exploit
760
VMScore
CVE-2008-0685
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote malicious users to execute arbitrary SQL commands via the CatID parameter.
Itechscripts Itechclassifieds 3.0
2 EDB exploits
755
VMScore
CVE-2013-6058
SQL injection vulnerability in appRain CMF 3.0.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/.
Apprain Apprain 0.2.1.1
Apprain Apprain 0.1.5
Apprain Apprain 0.1.4
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain
Apprain Apprain 3.0.1
Apprain Apprain 0.1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »